#ITsec minion somewhere in Germany. Likes #dataprivacy, #FOSS and #selfhosting.
Keeps reinstalling #linux because settling on a distro is hard.

Plays #ttrpg, online and RL.

Goes everywhere by #bicycle.

#Ace

repeated

Repeat after me: Separating username and password fields on a separate (fucking responsive) page WILL NOT INCREASE FUCKING SECURITY IN ANY WAY! IT WILL JUST MAKE THE PASSWORD MANAGERS WORK WORSE AND THUS IT WILL FUCKING DECREASE THE SECURITY!!!

repeated

The "React2Shell" vulnerability is by now being massively exploited by many actors to carry out a wide variety of compromises. From the opportunistic installation of cryptominers and exfiltration of credentials, integration into botnets, through to persistent compromise using sophisticated malware, attacks have been observed by various IT security companies. In Germany alone, just under 15,000 web applications are vulnerable to it.

repeated

The social media officer of the Deutscher Karikaturenpreis recently spoke of a "fitting example of inner conflicts between thinking and acting". 😘

repeated

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕

A Developer Accidentally Found CSAM in AI Data. Google Banned Him For It

Mark Russo reported the dataset to all the right organizations, but still couldn't get into his accounts for months.
— by @404mediaco

🤦 https://www.404media.co/a-developer-accidentally-found-csam-in-ai-data-google-banned-him-for-it/

repeated

The former BAFL (today BAMF) once used bafl[.]de. Our (re-)registration of the domain shows that, more than a decade later, it is still being queried by internal systems - an orphaned federal domain that would have posed a considerable risk in the wrong hands.

▶More info: https://mint-secure.de/bundesdomain-im-blindflug-dns-leaks-und-ein-jahrzehnt-it-nachlaessigkeit/

▶Assessment by @annskaja on @netzpolitik_org of this and other cases: https://netzpolitik.org/2025/fruehere-behoerden-domains-ein-gefaehrliches-gluecksspiel/

We will report more on this at the of the @CCC at the end of the year in HH.

repeated

Today, DWI publishes a powerful essay by Michael Geoffrey Asia, who works impersonating an AI sex companion: https://data-workers.org/michael/

This piece offers a rare glimpse into the psychological and economic realities behind one of the fastest-growing sectors: AI-assisted intimacy.

repeated

It's time to tell you about another new, exciting type of digital censorship that we've discovered while existing as a museum of vaginas, vulvas and the gynaecological anatomy. This time: Google Ads.

repeated

Aljoscha Rittner (beandev)

Stolen, because of ignorance.

repeated
police violence, germany

This is what looks like under Chancellor aka in /Germany.

repeated

Because many people are on the streets for us in Gießen right now (and are not being supported by the Federal Chancellor)

repeated

"Controversy erupts at the plagiarism machine conference when it turned out people were using the plagiarism machine to do plagiarism."

This is genuine comedy.

https://www.nature.com/articles/d41586-025-03506-6

repeated

"Device hoarding" is apparently 2025's version of "quiet quitting"—which is to say, a phrase that doesn't mean what it sounds like, and that is being vilified despite describing an objectively good thing.

@hikingdude @wendynather
My job doesn't speak of people, just of heads. So we have "head days" or "Kopftage"
repeated

"AI advocates have warned that if every author in the class action filed a claim, it would "financially ruin" the entire industry."

Win win.
I just registered my name & book details with the appropriate law firm.

Check if your book/article/paper is on the list here:
https://www.theatlantic.com/technology/archive/2025/03/search-libgen-data-set/682094/

If it is, go here:
https://www.lieffcabraser.com/anthropic-author-contact/

https://arstechnica.com/tech-policy/2025/08/authors-celebrate-historic-settlement-coming-soon-in-anthropic-class-action/?utm_source=bluesky&utm_medium=social&utm_campaign=aud-dev&utm_social-type=owned

repeated

Terry Hunter 🌈⭐✌🏼✌🏿✌🏻✌🏽

repeated

Amazing moment of realization captured.

repeated

It is so hilarious to me that we have FOSS maintainers begging for money to try to keep the development of NTP ongoing. NTP - you know, that protocol that the entirety of humanity relies on for access to the internet (or anything on a network for that matter).

Meanwhile the o̶l̶i̶g̶a̶r̶c̶h̶y̶ broligarchy makes billions off the backs of these people.

Anyways, they're currently at $495 of $1000 for their 2025 goal. Go throw them some $ if you feel so inclined.

https://www.nwtime.org/mills-spring/

repeated

Microsoft openly admitting they have not(!) had MFA, network segmentation, least privilege, software lifecycle, jump-servers, asset- and software-inventory etc for Azure PROD for years and they are not there yet.

This whole report is just so scary. At the same time, good that they are finally working on it and making it transparent.

Source: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/sfi-april-2025-progress-report.pdf
